ServiceEngineGroup

Description

API


    POST /api/serviceenginegroup
    PUT /api/serviceenginegroup/&ltkey>
    DELETE /api/serviceenginegroup/&ltkey>
    GET /api/serviceenginegroup
    GET /api/serviceenginegroup/&ltkey>

CLI


    configure serviceenginegroup &ltkey>
    show serviceenginegroup &ltkey>

Examples

To create a SE group that is suitable for a production application with a HA policy of shared active/active with a minimum scale out of 2 SE

 POST /api/serviceenginegroup

{
    "min_scaleout_per_vs": 2, 
    "ha_mode": "HA_MODE_SHARED_PAIR", 
    "name": "production-group"
}
 

To create a SE group that is of best effort category suitable for test deployments

 POST /api/serviceenginegroup

{
    "buffer_se": 0, 
    "ha_mode": "HA_MODE_BEST_EFFORT", 
    "max_se": 8, 
    "name": "test-group"
}
 

Data

ServiceEngineGroup

uuid

Type
string
Category
required
Description

name

Type
string
Category
required
Description

description

Type
string
Category
optional
Description

tenant_ref

Type
Reference to Tenant
Category
optional
Description

max_vs_per_se

Type
int32
Category
optional
Description
Maximum number of Virtual Services that can be placed on a single Service Engine.
Default
10

min_scaleout_per_vs

Type
int32
Category
optional
Description
Minimum number of active Service Engines for the Virtual Service.
Default
1

max_scaleout_per_vs

Type
int32
Category
optional
Description
Maximum number of active Service Engines for the Virtual Service.
Default
4

max_se

Type
int32
Category
optional
Description
Maximum number of Services Engines in this group.
Default
10

vcpus_per_se

Type
int32
Category
optional
Description
Number of vcpus for each of the Service Engine virtual machines.
Default
2

memory_per_se

Type
int32
Category
optional
Description
Amount of memory for each of the Service Engine virtual machines.
Default
2048

max_cpu_usage

Type
int32
Category
optional
Description
When CPU utilization exceeds this maximum threshold, Virtual Services hosted on this Service Engine may be rebalanced to other Service Engines to lighten the load. A new Service Engine may be created as part of this process.
Default
80

min_cpu_usage

Type
int32
Category
optional
Description
When CPU utilization falls below the minimum threshold, Virtual Services hosted on this Service Engine may be consolidated onto other underutilized Service Engines. After consolidation, unused Service Engines may then be eligible for deletion. When CPU utilization exceeds the maximum threshold, Virtual Services hosted on this Service Engine may be migrated to other Service Engines to lighten the load. A new Service Engine may be created as part of this process.
Default
30

se_deprovision_delay

Type
int32
Category
optional
Description
Duration to preserve unused Service Engine virtual machines before deleting them. If traffic to a Virtual Service were to spike up abruptly, this Service Engine would still be available to be utilized again rather than creating a new Service Engine.
Default
120

auto_rebalance

Type
bool
Category
optional
Description
If 'Auto Rebalance' is selected, Virtual Services will be automatically migrated when the load on Service Engines falls below the minimum threshold or goes above the maximum threshold. Otherwise, an Alert is generated instead of automatically performing the migration.
Default
False

se_name_prefix

Type
string
Category
optional
Description
Prefix to use for virtual machine name of Service Engines.
Default
Avi

vs_host_redundancy

Type
bool
Category
optional
Description
Ensure primary and secondary Service Engines are deployed on different physical hosts.
Default
True

vcenter_folder

Type
string
Category
optional
Description
Folder to place all the Service Engine virtual machines in vCenter.
Default
AviSeFolder

vcenter_datastores

Type
VcenterDatastore
Category
repeated
Description

vcenter_datastores_include

Type
bool
Category
optional
Description
Default
False

vcenter_datastore_mode

Type
enum
Category
optional
Description
Default
VCENTER_DATASTORE_ANY
Choices
VCENTER_DATASTORE_ANY, VCENTER_DATASTORE_LOCAL, VCENTER_DATASTORE_SHARED

vcenter_clusters

Type
VcenterClusters
Category
optional
Description

vcenter_hosts

Type
VcenterHosts
Category
optional
Description

openstack_availability_zone

Type
string
Category
optional
Description

cpu_reserve

Type
bool
Category
optional
Description
Default
False

mem_reserve

Type
bool
Category
optional
Description
Default
True

mgmt_network_ref

Type
Reference to Network
Category
optional
Description
Management network to use for Avi Service Engines

mgmt_subnet

Type
IpAddrPrefix
Category
optional
Description
Management subnet to use for Avi Service Engines

ha_mode

Type
enum
Category
optional
Description
High Availability mode for all the Virtual Services using this Service Engine group.
Default
HA_MODE_SHARED
Choices
HA_MODE_DEDICATED_PAIR, HA_MODE_SHARED_PAIR, HA_MODE_BEST_EFFORT, HA_MODE_SHARED

algo

Type
enum
Category
optional
Description
If 'compact' placement algorithm is used, Virtual Services are placed on existing Service Engines until they all have the maximum number of Virtual Services. Otherwise, Virtual Services are distributed to as many Service Engines as possible.
Default
PLACEMENT_ALGO_PACKED
Choices
PLACEMENT_ALGO_PACKED, PLACEMENT_ALGO_DISTRIBUTED

buffer_se

Type
int32
Category
optional
Description
Excess Service Engine capacity provisioned for HA failover
Default
1

active_standby

Type
bool
Category
optional
Description
Service Engines in active/standby mode for HA failover
Default
False

placement_mode

Type
enum
Category
optional
Description
If placement mode is 'Auto', Virtual Services are automatically placed on Service Engines. If 'Manual' placement mode is selected, user must specify the Service Engine where the Virtual Service should be placed.
Default
PLACEMENT_MODE_AUTO
Choices
PLACEMENT_MODE_AUTO, PLACEMENT_MODE_MANUAL

openstack_mgmt_network_name

Type
string
Category
optional
Description
Avi Management network name

openstack_mgmt_network_uuid

Type
string
Category
optional
Description
Management network UUID

instance_flavor

Type
string
Category
optional
Description
Instance/Flavor type for SE instance

hypervisor

Type
enum
Category
optional
Description
Override default hypervisor
Choices
DEFAULT, VMWARE_VSAN, VMWARE_ESX, KVM

se_dos_profile

Type
DosThresholdProfile
Category
optional
Description

auto_rebalance_interval

Type
int32
Category
optional
Description
Frequency of rebalance, if 'Auto rebalance' is enabled
Default
300

aggressive_failure_detection

Type
bool
Category
optional
Description
Enable aggressive failover configuration for ha.
Default
False

realtime_se_metrics

Type
MetricsRealTimeUpdate
Category
optional
Description
Enable or disable real time SE metrics

vs_scaleout_timeout

Type
uint32
Category
optional
Description
Time to wait for the scaled out SE to become ready before marking the scaleout done
Default
30

vs_scalein_timeout

Type
uint32
Category
optional
Description
Time to wait for the scaled in SE to drain existing flows before marking the scalein done
Default
30

hardwaresecuritymodulegroup_ref

Type
Reference to HardwareSecurityModuleGroup
Category
optional
Description

connection_memory_percentage

Type
uint32
Category
optional
Description
Percentage of memory for connection state. This will come at the expence of memory used for http in-memory cache.
Default
20

extra_config_multiplier

Type
Unknown
Category
optional
Description
Multiplier for extra config to support large VS/Pool config.
Default
0

vs_scalein_timeout_for_upgrade

Type
uint32
Category
optional
Description
During SE upgrade, Time to wait for the scaled-in SE to drain existing flows before marking the scalein done
Default
30

host_attribute_key

Type
string
Category
optional
Description
Host Attribute key

host_attribute_value

Type
string
Category
optional
Description
Host Attribute value

log_disksz

Type
uint32
Category
optional
Description
Maximum disk space to be used for debug and application logs in MB
Default
10000

os_reserved_memory

Type
uint32
Category
optional
Description
Amount of extra memory to be reserved for use by the Operating System on a Service Engine.
Default
0

cloud_ref

Type
Reference to Cloud
Category
optional,readonly
Description
Default
/api/cloud?name=Default-Cloud

VcenterDatastore

datastore_name

Type
string
Category
required
Description

VcenterClusters

cluster_refs

Type
Reference to VIMgrClusterRuntime
Category
repeated
Description

include

Type
bool
Category
optional
Description
Default
False

VcenterHosts

host_refs

Type
Reference to VIMgrHostRuntime
Category
repeated
Description

include

Type
bool
Category
optional
Description
Default
False

IpAddrPrefix

ip_addr

Type
IpAddr
Category
required
Description

mask

Type
int32
Category
required
Description

IpAddr

addr

Type
string
Category
required
Description
IP address

type

Type
enum
Category
required
Description
Choices
V4, DNS

DosThresholdProfile

thresh_period

Type
int32
Category
required
Description
Timer value in seconds to collect DoS attack metrics based on threshold on the Service Engine for this Virtual Service.
Default
5

thresh_info

Type
DosThreshold
Category
repeated
Description
Attack type, min and max values for DoS attack detection.

DosThreshold

attack

Type
enum
Category
required
Description
Attack type.
Choices
DOS_REQ_IP_URI_RL_DROP_BAD, DOS_REQ_CIP_SCAN_BAD_RL_DROP, MALFORMED_FLOOD, POLICY_DROPS, IP_FRAG_INCOMPLETE, DOS_CONN_IP_RL_DROP, FAKE_SESSION, DOS_HTTP_ABORT, SMURF, IP_FRAG_TOOSMALL, ICMP_PING_FLOOD, DOS_REQ_CIP_SCAN_UNKNOWN_RL_DROP, DOS_REQ_IP_URI_RL_DROP, LAND, UNKOWN_PROTOCOL, DOS_REQ_IP_RL_DROP_BAD, TCP_NON_SYN_FLOOD, ZERO_WINDOW_STRESS, IP_FRAG_FULL, DOS_REQ_RL_DROP, SMALL_WINDOW_STRESS, BAD_RST_FLOOD, DOS_APP_ERROR, DOS_SSL_ERROR, IP_FRAG_OVERRUN, PORT_SCAN, DOS_REQ_IP_RL_DROP, DOS_REQ_URI_RL_DROP_BAD, TCP_NON_SYN_FLOOD_OLD, DOS_REQ_URI_SCAN_BAD_RL_DROP, DOS_SLOW_URL, DOS_REQ_URI_RL_DROP, SYN_FLOOD, DOS_HTTP_ERROR, TEARDROP, DOS_REQ_URI_SCAN_UNKNOWN_RL_DROP, DOS_HTTP_TIMEOUT, DOS_CONN_RL_DROP

min_value

Type
int32
Category
required
Description
Minimum number of packets or connections or requests in a given interval of time to be deemed as attack.

max_value

Type
int32
Category
required
Description
Maximum number of packets or connections or requests in a given interval of time to be deemed as attack.

MetricsRealTimeUpdate

enabled

Type
bool
Category
required
Description
Enables real time metrics collection. When disabled, 6 hour view is the most granular the system will track.
Default
False

duration

Type
uint32
Category
optional
Description
Real time metrics collection duration in minutes. 0 for infinite.
Default
60

References

HardwareSecurityModuleGroup Network VIMgrClusterRuntime Cloud Tenant VIMgrHostRuntime

Sub Objects

ServiceEngineGroupRuntime

API


    GET /api/serviceenginegroup/&ltkey>/runtime/&ltkey>

CLI


    show serviceenginegroup &ltkey> summary

Data

ServiceEngineGroupRuntime

uuid

Type
string
Category
required
Description

create_stats

Type
SeCreateStats
Category
optional
Description

modify_vnic_stats

Type
SeVnicStats
Category
optional
Description

add_vnic_stats

Type
SeVnicStats
Category
optional
Description

del_vnic_stats

Type
SeVnicStats
Category
optional
Description

query_host_in_progress

Type
bool
Category
optional
Description
Default
False

query_host_cookie

Type
string
Category
optional
Description

up_se

Type
string
Category
repeated
Description

down_se

Type
string
Category
repeated
Description

query_host_ticks

Type
int32
Category
optional
Description

SeCreateStats

num_se_create

Type
int32
Category
optional
Description
Default
0

num_se_create_success

Type
int32
Category
optional
Description
Default
0

num_se_create_fail

Type
int32
Category
optional
Description
Default
0

num_se_create_timeout

Type
int32
Category
optional
Description
Default
0

SeVnicStats

num_vnic_op

Type
int32
Category
optional
Description
Default
0

num_vnic_op_success

Type
int32
Category
optional
Description
Default
0

num_vnic_op_fail

Type
int32
Category
optional
Description
Default
0

num_vnic_op_timeout

Type
int32
Category
optional
Description
Default
0

Actions

API


    POST /api/serviceenginegroup/&ltkey>/runtime/clear

CLI


    clear serviceenginegroup &ltkey> runtime